Summary

Adobe has released a security update for Adobe Connect for Windows. This update resolves two input validation vulnerabilities (CVE-2017-3102, CVE-2017-3103) that could be used in reflected and stored cross-site scripting attacks, respectively. This update also includes a mitigation to protect users from UI redressing (or clickjacking) attacks (CVE-2017-3101).

CVE-2017-3101

Affected product versions

Product

Version

Platform

Adobe Connect

9.6.1 and earlier

Windows

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version: